[prev in list] [next in list] [prev in thread] [next in thread]
List: forgerock-openam
Subject: [OpenAM] User Profile Attribute
From: patch_78 () hotmail ! com (Patcharee Thongtra)
Date: 2011-10-27 7:42:15
Message-ID: BAY171-W92AD60148CE1B5623C9317F1D20 () phx ! gbl
[Download RAW message or body]
I changed the name format that OpenAM (SP) sends to IDP from transient to persistent.
So now OpenAM (SP) can save user profile attributes!
From: patch_78@hotmail.com
To: openam at forgerock.org
Date: Wed, 26 Oct 2011 22:55:56 -0800
Subject: Re: [OpenAM] User Profile Attribute
Hi Peter,
It seems the reason that OpenAM does not write user profile attribute is also from \
NAMEID_TRANSIENT_FORMAT as below
boolean isTransient = \
SAML2Constants.NAMEID_TRANSIENT_FORMAT.equals(nameId.getFormat());
My question is if IDP sends attribute as
<saml:Attribute Name="uid">
<saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" \
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">09078903012</saml:AttributeValue>
</saml:Attribute>
Will transient name format is set by default ? Can I set other name format as default \
in stead of transient ?
--Patcharee
> Date: Wed, 26 Oct 2011 14:40:47 +0200
> From: majorpetya at sch.bme.hu
> To: openam at forgerock.org
> Subject: Re: [OpenAM] User Profile Attribute
>
> Hi,
>
> shockingly it's:
> https://svn.forgerock.org/openam/tags/9.5.3_RTM/ ;)
>
> Peter
>
> 2011-10-26 14:32 keltez?ssel, Patcharee Thongtra ?rta:
> > H Peter,
> >
> > I am using OpenAM 9.5.3 Build 934 (2011-July-29 00:15).
> >
> > Which is the branch/tag that is most similar to my OpenAM ?
> >
> > --Patcharee
> >
> > > Date: Wed, 26 Oct 2011 13:10:20 +0200
> > > From: majorpetya at sch.bme.hu
> > > To: openam at forgerock.org
> > > Subject: Re: [OpenAM] User Profile Attribute
> > >
> > > Hi,
> > >
> > > by following this guide:
> > >
> > https://wikis.forgerock.org/confluence/display/openam/Build+OpenAM+from+Source
> > >
> > > Peter
> > >
> > > 2011-10-26 12:55 keltez?ssel, Patcharee Thongtra ?rta:
> > > > Hi Peter,
> > > >
> > > > OPENAM-474 is exactly issue I have. How can I get this update (as I can
> > > > not recompile OpenAM by myself) ?
> > > >
> > > > --Patcharee
> > > >
> > > > > Date: Wed, 26 Oct 2011 12:30:02 +0200
> > > > > From: majorpetya at sch.bme.hu
> > > > > To: openam at forgerock.org
> > > > > Subject: Re: [OpenAM] User Profile Attribute
> > > > >
> > > > > Hi,
> > > > >
> > > > > check out OPENAM-474.
> > > > > The proposed solution does not take everything into account, but it
> > > > > worths a try.
> > > > >
> > > > > Peter
> > > > >
> > > > > 2011-10-26 12:22 keltez?ssel, Patcharee Thongtra ?rta:
> > > > > > Hello,
> > > > > >
> > > > > > My OpenAM is a SP doing SSO. It gets saml:Attribute 'uid' and
> > > > > > 'SecurityLevel' from a IDP.
> > > > > > I am trying to map the 'uid' and 'SecurityLevel' to user
> > profile which
> > > > > > is dynamically created, then these attributes will be sent to the
> > > > agent.
> > > > > >
> > > > > > Right now I set
> > > > > >
> > > > > > 1) Attribute Map as : uid=uid, SecurityLevel=description
> > > > > > (in order to save 'SecurityLevel' as the description attribute)
> > > > > >
> > > > > > 2) Auto Federation is enabled
> > > > > >
> > > > > > 3) Auto Federation Attribute = uid
> > > > > >
> > > > > > 4) Profile Attribute Mapping (in the agent profile) as : [cn]=UID,
> > > > > > [description]=SecurityLevel
> > > > > >
> > > > > > OpenAM can automatically create new user with id , cn and sn =
> > 'uid'.
> > > > > > However the description is gone !!!
> > > > > > The agent gets only 'uid'.
> > > > > >
> > > > > > How can I set OpenAM to make it save 'SecurityLevel' to user
> > profile ??
> > > > > >
> > > > > > --Patcharee
> > > > > _______________________________________________
> > > > > OpenAM mailing list
> > > > > OpenAM at forgerock.org
> > > > > https://lists.forgerock.org/mailman/listinfo/openam
> > > >
> > > >
> > > > _______________________________________________
> > > > OpenAM mailing list
> > > > OpenAM at forgerock.org
> > > > https://lists.forgerock.org/mailman/listinfo/openam
> > > _______________________________________________
> > > OpenAM mailing list
> > > OpenAM at forgerock.org
> > > https://lists.forgerock.org/mailman/listinfo/openam
> >
> >
> > _______________________________________________
> > OpenAM mailing list
> > OpenAM at forgerock.org
> > https://lists.forgerock.org/mailman/listinfo/openam
> _______________________________________________
> OpenAM mailing list
> OpenAM at forgerock.org
> https://lists.forgerock.org/mailman/listinfo/openam
_______________________________________________
OpenAM mailing list
OpenAM at forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.forgerock.org/pipermail/openam/attachments/20111026/6ca91176/attachment.html \
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic